Matt Mullenweg has written a new post declaring the latest update of WordPress critical and highly recommending everyone update immediately.
From the post:
Version 3.0.4 of WordPress, available immediately through the update page in your dashboard or for download here, is a very important update to apply to your sites as soon as possible because it fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as “critical.”
I realize an update during the holidays is no fun, but this one is worth putting down the eggnog for. In the spirit of the holidays, consider helping your friends as well.
If you are a security researcher, we’d appreciate you taking a look over this changeset as well to review our update.
Mike Johnston Author
Mike is the Editor-in-Chief and Founder of CMS Critic. He started CMS Critic in 2008 when he noticed there were no sites offering reviews of the various products in the industry. He has since grown the site to become the #1 resource on the web for CMS reviews and knowledge. He attends most CMS & related technology conferences and speaks regularly. You can contact him here or follow him on Google Plus.